Aflac Confirms Cyberattack Amid Wave of Hacks Targeting U.S. Insurance Industry
Aflac, one of the largest supplemental health insurance providers in the United States, has confirmed it was the target of a recent cyberattack that potentially exposed sensitive customer data, including Social Security numbers, insurance claims, and health information.
The breach, disclosed on Friday, is part of a broader wave of cyber intrusions affecting major U.S. insurance firms. Erie Insurance and Philadelphia Insurance Companies also reported recent hacks, contributing to growing concerns across the sector. The FBI and private cybersecurity firms are actively investigating the incidents.
According to sources familiar with the investigations, the methods used in the Aflac breach align with those of a cybercriminal group known as Scattered Spider. The group, notorious for its aggressive and fast-moving tactics, has previously been linked to high-profile breaches of companies such as MGM Resorts and Caesars Entertainment.
In a statement, Aflac described the breach as the work of a “sophisticated cybercrime group,” although it stopped short of naming Scattered Spider. The company said it identified and halted the intrusion within hours and confirmed that no ransomware was deployed. Services to customers remain uninterrupted, Aflac added.
The hackers reportedly gained access through social engineering—a technique in which attackers deceive employees into providing access credentials or sensitive information. This approach has become a hallmark of Scattered Spider operations, often involving attackers posing as IT support staff to infiltrate corporate systems.
While the full extent of the data breach is still being assessed, the scale could be significant given Aflac’s extensive customer base and role in covering medical expenses not handled by primary health insurers.
Cybersecurity experts warn that Scattered Spider is especially dangerous due to its speed and unpredictability. The group, believed to include individuals based in the U.S. and UK, often launches rapid attacks that can compromise entire systems within hours.
“If Scattered Spider is targeting your industry, get help immediately,” said Cynthia Kaiser, a former FBI cyber division deputy who now works at cybersecurity firm Halcyon. “They don’t need days—they can strike and cause damage in mere hours.”
Experts urge organizations, especially in vulnerable industries like insurance, to tighten internal protocols and remain vigilant against deceptive support calls and phishing attempts.
“The threat that keeps me up at night isn’t always the nation-state hackers. It’s these guys,” said John Hultquist, chief analyst at Google’s Threat Intelligence Group. “They are already disrupting businesses in real time.”
The Aflac breach underscores the growing urgency for companies across sectors to bolster their cyber defenses against increasingly sophisticated and fast-moving threats.
